Advanced Information Technology Training

ADVANCED INFORMATION
TECHNOLOGY
TRAINING
PROGRAMME
COURSE MATERIAL
MODULE – I I
Board of Studies
The Institute of Chartered Accountants of India,
New Delhi
The objective of this background material is to provide uniform reference material to the
students undergoing 100 hours Advanced Information Technology Training.
All attempts have been made to make the discussion simple and comprehensive. Students may
note that the material has been prepared with an objective to help them in acquiring requisite
knowledge and skills in the subject and gain hands on experience.
This is also expected to serve as a source of reference book in their future education and training.
In case students have any suggestions to make for further improvement of the material contained
herein, they may write to Board of Studies or ITT Section, IT Directorate, ICAI Bhawan, A-29,
Sector–62, Noida. Queries can also be sent to: indu.itt@icai.in
All care has been taken to provide the material in a manner useful to the students. However
WKH PDWHULDO KDV QRW EHHQ VSHFLÀFDOO\ GLVFXVVHG E\ WKH &RXQFLO RI WKH ,QVWLWXWH RU DQ\ RI LWV
Committees and the views expressed herein may not be taken to necessarily represent the views
of the Council or any of its Committees.
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system
or transmitted, in any forms or by any means, electronic, mechanical, photocopying, recording
or otherwise, without prior permission, in writing, from the Institute.
©The Institute of Chartered Accountants of India
E-mail : indu.itt@icai.in
Website : www.icai.org
Edition : September, 2014
ISBN : 978-81-8441-717-3
Sale Price : 4 )RU0RGXOH, ,,
Published by : The Publication Department on behalf of The Institute of

Chartered Accountants of India,’ICAI Bhawan’, Post Box
No. 7100, Indraprastha Marg, New Delhi - 110 002, INDIA.
Printed by : Repro India Ltd., Mahape, Navi Mumbai

September / 2014 / P1622
CONTENTS
UNIT-3 : COMPUTER ASSISTED AUDIT TECHNIQUES ................................................................... 1
CHAPTER 1. INTRODUCTION TO CAAT .............................................................................................. 3

CHAPTER 2. DATA ANALYSIS AND AUDIT TECHNIQUES ................................................................. 10
CHAPTER 3. DATA ANALYSIS USING IDEA ......................................................................................... 15
UNIT-4 : CORE BANKING SOLUTION ........................................................................................... 65
CHAPTER 1. CBS BASICS AND ITS WORKING METHODOLOGY ........................................................ 67

CHAPTER 2. CBS INTERFACES-THEIR FUNCTIONALITY AND CONTROLS ........................................ 89
CHAPTER 3. SYSTEMS AUDIT OF CBS AND ITS INTERFACES .......................................................... 116
UNIT-5 : ENTERPRISE RESOURCE PLANNING .......................................................................... 129
CHAPTER 1. ERP OVERVIEW ............................................................................................................ 131

CHAPTER 2. ERP IMPLEMENTATION................................................................................................. 151
CHAPTER 3. ERP CONTROL AND AUDIT ........................................................................................... 168
CHAPTER 4. E-FILING ........................................................................................................................ 214
UNIT-6 : OFFICE AUTOMATION APPLICATION AND IT SECURITY IN A CA’s OFFICE .............. 219
CHAPTER 1. IT APPLICATION IN CA’S OFFICE .................................................................................. 221

CHAPTER 2. INFORMATION SECURITY IN CA’S OFFICE ................................................................... 257
CHAPTER 3. APPLICATIONS USING MIS AND DSS ............................................................................ 289
UNIT 3:
COMPUTER ASSISTED AUDIT TECHNIQUES
CHAPTER
1 INTRODUCTION TO CAAT
LEARNING OBJECTIVES
The learning objectives of the CAAT module are:
Understand how to use office automation software for performing various tasks as relevant to
services provided by chartered accountant in areas of accounting, assurance and compliance.
How to use CAAT/SQL queries for data analysis as required.
How to review controls implemented at various levels/layers such as: Parameters, user creation,
granting of access rights, input, processing and output controls in enterprise applications
1.1 Introduction
Auditors deal with information in myriad ways encompassing the areas of accounting, assurance, consulting
and compliance and most of this information is now available in electronic form. This is true not only in case of
large and medium enterprises but even in small enterprises. In case there are enterprises who have still not
adapted the digital way, then it is an opportunity for Auditors to help such enterprises to ride the digital wave.
Hence, it has become critical for Auditors to understand and use information technology as relevant for the
services we provide. It is rightly said: “one cannot audit data which is flying in bits and bytes by using the
ancient method of riding on a horse back”. We are living in a knowledge era where the skill sets are keys to
harnessing the power of technology to be effective as knowledge workers. Computer Assisted Audit Techniques
(CAATs) refers to using technology for increasing the effectiveness and efficiency of auditing. CAATs enable
auditors to do more with less and add value through the assurance process which is more robust and
comprehensive. This chapter provides an overview of the process, approach and techniques which could be
used across various technology platforms and in diverse enterprises.
1.2 The all-encompassing Electronic data

A great blessing in ancient times was: “May you live in exciting times”. Indeed, we are living in exciting times
without even being aware of it. We are experiencing how technology innovations are making our life and living
simpler by bridging global boundaries and bringing global information on our finger tips. For enterprises as well
as professionals, the question is no longer what technology can do for us but what we can do with technology.
The question “do I need to use technology” is no longer relevant instead the relevant decision is about “how do
I use technology to remain relevant”. Information technology is all pervasive and more so as the government
and regulatory agencies also are using technology platform to provide services to citizens and compelling
information to be filed in electronic form. The government at all levels has drawn up ambitious plans to
ADVANCED INFORMATION TECHNOLOGY TRAINING 3

implement e-Governance initiatives to improve speed, access and transparency of services. The Information
Technology (IT) Act 2000 with IT Amendment Act 2008 and IT rules 2011 provide the regulatory framework
and mechanism for recognizing electronic records and electronic transactions thereby facilitating ecommerce
and also identifying cybercrimes and providing penalties and compensation for them. Hence, we can expect IT
usage to only keep growing in the near future impacting all areas of life more so in our work as professionals.
1.3 Auditors and CAATs

As auditors, we come across computers and communication technology as the most common denominator
among our clients, both large and small. Further, we use computers and communication technology for
providing services to our clients. In today’s complex and rapidly changing technology environment, it is
important to master the right techniques which could be used across enterprises and across various technology
platforms. Typical of a IT environment are the speed of processing, large capacity of storage, lack of the paper
based trails, the radically different way of information processing, the ease of information access, internal
controls being imbedded and the ever-present risk of failure of IT and loss of data. All these factors make it
imperative for auditors to harness power of technology to audit technology environment by taking into
consideration the risks, benefits and advantages. CAATs empower Auditors with the key survival techniques
which effective used in any IT environment. CAATs are not specialist tools designed for use by specialist IT
auditors but these are common techniques which can be easily mastered to audit in a computerized
environment for statutory audit, tax audit and internal audit as also for providing consulting services.
1.4 Auditors and CAATs

CAATs are tools for drawing inferences and gathering relevant and reliable evidence as per requirements of the
assignment. CAATs provide direct access to electronic information and empower auditors not only to perform
their existing audits more efficiently and effectively but also facilitate them in knowing how to create and
execute new type of IT related audit assignments. CAATs provide a mechanism to gain access and to analyze
data as per audit objective and report the audit findings with greater emphasis on the reliability of electronic
information maintained in the computer system. There is higher reliability on the audit process as the source of
the information used provides and greater assurance on audit findings and opinion. CAATs are available in
specific general audit software designed for this purpose but the techniques of CAATs can be applied even by
using commonly used software such as MS Excel and by using query/reporting features of commonly used
application software. CAATs can be used to perform routine functions or activities which can be done using
computers, allowing the auditors to spend more time on analysis and reporting. A good understanding of
CAATs and know where and when to apply them is the key to success. ICAI has published a guidance note on
CAAT and publication titled: “Data Analysis for Auditors” which may be referred for more details.
1.5 Need for CAATs

In a diverse digital world of clients’ enterprises, the greatest challenges for an Auditor is to use technology to
access, analyze and audit this maze of electronic data. CAATs enable auditors to move from the era of ticks of
using pencil or pen to the era of clicks by using a mouse. CAATs will help auditors to change focus from time-
consuming manual audit procedures to intelligent analysis of data so as to provide better assurance to clients
and also mange audit risks. Some of the key reasons for using CAATs are:
4 ADVANCED INFORMATION TECHNOLOGY TRAINING

INTRODUCTION TO CAAT
1. Absence of input documents or lack of a visible paper trail may require the use of CAATs in the
application of compliance and substantive procedures.
2. Need for obtaining sufficient, relevant and useful evidence from the IT applications or database as per
audit objectives.
3. Ensuring audit findings and conclusions are supported by appropriate analysis and interpretation of the
evidence
4. Need to access information from systems having different hardware and software environments, different
data structure, record formats, processing functions in a commonly usable format.
5. Need to increased audit quality and comply with auditing standards.
6. Need to identify materiality, risk and significance in an IT environment.
7. Improving the efficiency and effectiveness of the audit process.
8. Ensuring better audit planning and management of audit resources.
1.6 Obtaining audit data

In most cases where CAATs are used, it becomes necessary to obtain copy of data in their original format for
independent analysis. The data has to be obtained in commonly accepted format. It is important to understand
the format in which the data is stored in the application which is being audited. If the data is a native format
which is not readable by audit software, then it is necessary to use the reporting feature of application software
and export this data to commonly recognizable format of audit software. For example, auditor may not be aware
of the data structure/tables of a software developed through a vendor by the client. In such case, auditor may
have to study the reporting features and use the export feature to get the data in the required format. It is very
important to educate the client about the need to obtain copy of the data as required for audit. Based on the
audit scope and relevant audit environment, auditor may have to finalize the required approach for getting the
data for audit. This may include installing audit software on client system or using the application software for
audit as feasible.
1.7 Key steps for obtaining data

1. Discuss with client about the requirement of raw data for audit and issue a request letter for getting the
requested data in specified form as per the audit objectives.
2. Discuss with the IT personnel responsible for maintain data/application software and obtain copies of
record layout and definitions of all fields and ensure that you have an overall understanding of the data.
The record layout should describe each field and provide information about the starting and ending
positions and the data type (numeric, alphanumeric, character, etc.).
3. Print sample list of the first 100 records in the data file and compare this to a printout of the obtained data
to confirm they are correct.
4. Verify data for completeness and accuracy by checking the field types and formats, such as identifying all
records with an invalid date in a date field.

5. Obtain control totals of all the key data and compare with totals from the raw data to ensure all records
have been properly obtained. This can be performed by importing the data in audit software and
reviewing the statistics of all the key fields.
1.8 Key capabilities of CAATs

CAATs refer to using computer for auditing data as per audit objectives. This requires understanding of the IT
environment and most critically the core applications and the relevant database and database structure. CAATs
could be used by using the relevant functionalities available in general audit software, spreadsheet software or
the business application software. However, broadly the key capabilities of CAATs could be categorized as
follows:
1. File access: This refers to the capability of reading of different record formats and file structures. These
include common formats of data such as database, text formats, excel files. This is generally done using
the import/ODBC function.
2. File reorganization: This refers to the features of indexing, sorting, merging, linking with other identified
files. These functions provide auditor with an instant view of the data from different perspectives.
3. Data selection: This involves using of global filter conditions to select required data based on specified
criteria.
4. Statistical functions: This refers to the features of sampling, stratification and frequency analysis.
These functions enable intelligent analysis of data.
5. Arithmetical functions: This refers to the functions involving use of arithmetic operators. These
functions enable performing re-computations and re-performance of results.
Precautions in using CAATs

CAATs have distinct advantages for Auditors and enable them to perform various types of tests. However, it is
important to ensure that adequate precautions are in taken in using them. Some of the important precautions to
be taken by Auditors are:
1. Identify correctly data to be audited
2. Collect the relevant and correct data files
3. Identify all the important fields that need to be accessed from the system
4. State in advance the format the data can be downloaded and define the fields correctly
5. Ensure the data represent the audit universe correctly and completely.
6. Ensure the data analysis is relevant and complete.
7. Perform substantive testing as required.
8. Information provided by CAATs could be only indicators of problems as relevant and perform detailed
testing as required.

1.9 Step by step methodology for using CAATs

CAATs are very critical tools for Auditors. Hence, it is important to formulate appropriate strategies to ensure
their effective use. Some of the key strategies for using CAATs are:
1. Identify the scope and objectives of the audit. Based on this, auditor can decided about the need and the
extent to which CAAT could be used.
2. Identify the critical data which is being audited as per audit scope and objectives.
3. Identify the sources of data from the enterprise information system/application software. These could be
relating to general ledger, inventory, payroll, sundry debtors, sundry creditors.
4. Identify the relevant personnel responsible for the data and information system. These personnel could
be from the IT department, vendors, managers, etc.
5. Obtain and review documents relating to data/information systems. This should provide information about
data types/data structures and data flow of the system.
6. Understand the software by having a walk-through right from user creation, grant of user access,
configuration settings, data entry, query and reporting features.
7. Decide what techniques of CAATs could be used as relevant to the environment by using relevant CAAT
software as required.
8. Prepare a detailed plan for analyzing the data. This includes all the above steps.
9. Perform relevant tests on audit data as required and prepare audit findings which will be used for forming
audit report/opinion as required.
1.10 Examples of Tests performed using CAATs

CAATs can be used for compliance or substantive tests. As per the audit plan, compliance tests are performed
first as per risk assessment and based on the results of the compliance tests; detailed compliance tests could
be performed. Some examples of tests which can be performed using CAATs are given below:
1. Identify exceptions: Identify exceptional transactions based on set criteria. For example, cash
transactions above Rs. 20,000.
2. Analysis of Controls: Identify whether controls as set have been working as prescribed. For example,
transactions are entered as per authorised limits for specified users.
3. Identify errors: Identify data, which is inconsistent or erroneous. For e.g.: account number which is not
numeric.
4. Statistical sampling: Perform various types of statistical analysis to identify samples as required.
5. Detect frauds: Identify potential areas of fraud. For example, transactions entered on week-days or
purchases from vendors who are not approved.
6. Verify calculations: Re-perform various computations in audit software to confirm the results from
application software confirm with the audit software. For e.g.: TDS rate applied as per criteria.

7. Existence of records: Identify fields, which have null values. For example: invoices which do not have
vendor name.
8. Data completeness: Identify whether all fields have valid data. For example: null values in any key field
such as date, invoice number or value or name.
9. Data consistency: Identify data, which are not consistent with the regular format. For example: invoices
which are not in the required sequence.
10. Duplicate payments: Establish relationship between two or more tables as required. For example
duplicate payment for same invoice.
11. Inventory obsolescence: Sort inventory based on data of purchase or categories as per specified aging
criteria or period and identify inventory which has become obsolete.
12. Accounts exceeding authorized limit: Identify data beyond specified limit. For example,
transactions entered by user beyond their authorized limit or payment to vendor beyond amount due or
overdraft allowed beyond limit.
1.11 Analytical Review Procedures

The various standards on auditing highlight need for acquiring the required skill-sets to audit in an IT
environment and using relevant techniques. Many of the requirements of the auditing standards can be
complied by adapting them for use in an IT environment as required. For example: Standard on Auditing (SA)
520Analytical Procedures states:
A1. Analytical procedures include the consideration of comparisons of the entity’s financial information with, for
example:
x Comparable information for prior periods.
x Anticipated results of the entity, such as budgets or forecasts, or expectations of the auditor, such as an
estimation of depreciation.
x Similar industry information, such as a comparison of the entity’s ratio of sales to accounts receivable
with industry averages or with other entities of comparable size in the same industry.
A2. Analytical procedures also include consideration of relationships, for example: Among elements of financial
information that would be expected to conform to a predictable pattern based onthe entity’s experience, such as
gross margin percentages.
Most of the analytical procedures can be performed in an IT environment using CAATs which makes the audit
process much more effective and efficient.
Summary
CAATs enable auditors to use computers as a tool to audit electronic data. CAATs provide auditors access to
data in the medium in which it is stored, eliminating the boundaries of how the data can be audited. As auditors
start using CAATs, they will be in a better position to have a considerable impact on their audit and auditee as
more time is spent on analysis and less time on routine verification. It is important to understand the client IT

environment and chart out which techniques of CAAT could be used. Initially, time needs to be invested in this
Endeavour but once the audit plan is prepared based on the IT environment as per audit scope, re-use
becomes easier. However, the audit plan and tests need to be updated based on changes in the IT environment
as relevant. Using CAATs provides greater assurance of audit process to the auditor and also to the auditee.
The key to using CAAT is recognizing the need, learning how to use CAATs and using them in practical
situations.

CHAPTER
2 DATA ANALYSIS AND AUDIT

TECHNIQUES
ICAI has issued guidelines on CAAT and the various assurance standards highlight the importance of using
CAATs as relevant for audit. ISACA has also issued standards and guidelines on auditing and CAATs. Some of
the key aspects from these standards and guidelines are given below.
2.1 Need for using CAATs

As entities increase the use of information systems to record, transact and process data, the need for the
auditors to utilize tools to adequately assess risk becomes an integral part of audit coverage. The use of
computer-assisted audit techniques (CAATs) serves as an important tool for the auditor to evaluate the control
environment in an efficient and effective manner. The use of CAATs can lead to increased audit coverage,
more thorough and consistent analysis of data, and reduction in risk.
CAATs include many types of tools and techniques, such as generalized audit software, customized queries or
scripts, utility software, software tracing and mapping, and audit expert systems.
CAATs may be used in performing various audit procedures including:
x Tests of details of transactions and balances
x Analytical review procedures
x Compliance tests of general controls
x Compliance tests of application controls
CAATs may produce a large proportion of the audit evidence developed on audits and, as a result, the auditor
should carefully plan for and exhibit due professional care in the use of CAATs.
2.2 Key Factors to be considered in Using CAATs

When planning the audit, the IS auditor should consider an appropriate combination of manual techniques and
CAATs. In determining whether to use CAATs, the factors to be considered include:
x Computer knowledge, expertise, and experience of the IS auditor
x Availability of suitable CAATs and IS facilities
x Efficiency and effectiveness of using CAATs over manual techniques
x Time constraints

DATA ANALYSIS AND AUDIT TECHNIQUES
x Integrity of the information system and IT environment

x Level of audit risk
2.3 CAATs Planning Steps

The major steps to be undertaken by the auditor in preparing for the application of the selected CAATs include the
following:
x Set the audit objectives of the CAATs, which may be included in the terms of reference for the exercise.
x Determine the accessibility and availability of the organization’s IS facilities, programs/systems and data.
x Clearly understand composition of data to be processed including quantity, type, format and layout.
x Define the procedures to be undertaken (e.g., statistical sampling, recalculation, confirmation).
x Define output requirements.
x Determine resource requirements, i.e., personnel, CAATs, processing environment (the organization’s IS facilities or
audit IS facilities).
x Obtain access to the organization’s IS facilities, programs/systems and data, including file definitions.
x Document CAATs to be used, including objectives, high-level flowcharts and run instructions.
2.4 Audit evidence and CAATs

Audit is primarily said to be the process of collecting and evaluating audit evidence as per audit objectives. Based on the
scope and objectives of audit, auditor can obtain the audit evidence by:
x Inspection
x Observation
x Inquiry and confirmation
x Re-performance
x Recalculation
x Computation
x Analytical procedures
x Other generally accepted methods
2.5 CAATs Documentation

Work papers
The step-by-step CAATs process should be sufficiently documented to provide adequate audit evidence. Specifically, the
audit work papers should contain sufficient documentation to describe the CAATs application, including the details set out
in the following sections.

Planning
Documentation should include:
x CAATs objectives
x CAATs to be used
x Controls to be exercised
x Staffing and timing
Execution
x CAATs preparation and testing procedures and controls
x Details of the tests performed by the CAATs
x Details of inputs (e.g., data used, file layouts), testing periods, processing (e.g., CAATs high-level
flowcharts, logic) and outputs (e.g., log files, reports)
x Listing of relevant parameters or source code
Audit Evidence
x Output produced
x Description of the audit analysis work performed on the output
x Audit findings
x Audit conclusions
x Audit recommendations
In audits where CAAT is used, it is advisable that the audit report includes a clear description of the CAATs
used in the objectives, scope and methodology section. The description of CAATs used should also be included
in the body of the report, where the specific finding relating to the use of CAATs is discussed. This description
should not be overly detailed, but it should provide a good overview for the reader.
2.6 Audit Test using CAATs

If the data to be audited is available in electronic form, then CAATs could be used for:
x Inquiry and confirmation – identifying accounts for which external confirmation is to be obtained. Request
letters for confirmation of balances can be printed using CAAT software.
x Re-performance: The processing of transactions done by the application software can be re-performed
and the resultant data can be compared to verify correctness and completeness. For example: Postings
of transactions to personal ledger can be re-performed using the original transaction data base and
compared with classified transactions as per ledgers.

DATA ANALYSIS AND AUDIT TECHNIQUES
x Re-calculation: All the computations which were done electronically by the application software used in
the enterprise can be independently validated by re-performing the computations. For example, Tax
deducted at source or VAT charged on sales, interest computation, etc. can be re-computed in CAAT
software and validated with the computed totals from the original application software to confirm
correctness of processing of transactions.
x Computation: using CAAT software, it is possible to compute totals to confirm correctness. For example,
the VAT payments made for the year can be total in CAAT software to compare with the total payments
as per VAT returns. The interest debited can be computed and compared with actual debit to interest a/c
for the year.
x Analytical procedures: Based on the data available in electronic format, various analytical procedures
can be performed by comparing and relating various aspects of financial and on-financial information.
2.7 Audit Sampling

Auditor has to design and select an audit sample and evaluate sample results. Appropriate sampling and
evaluation will meet the requirements of ‘sufficient, reliable, relevant and useful evidence’ and ‘supported by
appropriate analysis. Auditor should consider selection techniques that result in a statistically based
representative sample for performing compliance or substantive testing.
When using either statistical or non-statistical sampling methods, auditor should design and select an audit
sample, perform audit procedures, and evaluate sample results to obtain sufficient, reliable, relevant and useful
audit evidence. Audit sampling is defined as the application of audit procedures to less than 100 percent of the
population to enable the IS auditor to evaluate audit evidence about some characteristic of the items selected to
form or assist in forming a conclusion concerning the population.
Statistical sampling involves the use of techniques from which mathematically constructed conclusions
regarding the population can be drawn. Non-statistical sampling is not statistically based, and results should not
be extrapolated over the population as the sample is unlikely to be representative of the population.
Design of the Sample

When designing the size and structure of an audit sample, IS auditors should consider the specific audit
objectives, the nature of the population, and the sampling and selection methods.
Auditor should consider the need to involve appropriate specialists in the design and analysis of samples.
Selection of the Sample

There are four commonly used sampling methods. Statistical sampling methods are:
x Random sampling—Ensures that all combinations of sampling units in the population have an equal
chance of selection
x Systematic sampling—Involves selecting sampling units using a fixed interval between selections, the
first interval having a random start. Examples include Monetary Unit Sampling or Value Weighted selection
where each individual monetary value (e.g., Rs. 1) in the population is given an equal chance of selection. As
the individual monetary unit cannot ordinarily be examined separately, the item which includes that monetary

unit is selected for examination. This method systematically weights the selection in favour of the larger
amounts but still gives every monetary value an equal opportunity for selection. Another example includes
selecting every ‘nth sampling unit
Non-statistical sampling methods are:
x Haphazard sampling—The IS auditor selects the sample without following a structured technique, while
avoiding any conscious bias or predictability. However, analysis of a haphazard sample should not be relied
upon to form a conclusion on the population
x Judgmental sampling—The IS auditor places a bias on the sample (e.g., all sampling units over a
certain value, all for a specific type of exception, all negatives, all new users). It should be noted that a
judgmental sample is not statistically based and results should not be extrapolated over the population as the
sample is unlikely to be representative of the population.
Auditor should select sample items in such a way that the sample is expected to be representative of the
population regarding the characteristics being tested, i.e., using statistical sampling methods. To maintain audit
independence, the IS auditor should ensure that the population is complete and control the selection of the
sample. For a sample to be representative of the population, all sampling units in the population should have an
equal or known probability of being selected, i.e., statistical sampling methods.

CHAPTER
3 DATA ANALYSIS USING IDEA
LEARNING OBJECTIVES
To gain understanding on Importing different file formats into IDEA.
To understand on how to generate field statistics for the database.
To understand formatting Data.
There are many audit software available in the market. However, for the purpose of learning CAATs, we will be
using IDEA software in this chapter and also for performing exercises in the lab. Students may refer to the ICAI
publication titled: “Practical application of CAAT –case studies” for more examples and details of CAATs using
IDEA Software.
3.1 Importing Data

Function Description
Important Assistant brings the selected file or files into IDEA database management system. User-friendly
Import assistant guides user through a series of steps and instructions for importing the file into the Software.
All the functionalities of IDEA can be performed only when the file is available within IDEA. Hence, the first step
in data analysis is ensuring that the files to be audited are in selected format acceptable in IDEA and are
imported into IDEA.
Let us assume you have an Excel or Access file and you want to perform certain idea functionalities on it, then
it is important to import these files into IDEA.IDEA facilitates user to import external files in different formats like
Access, Excel, dbase or other ODBC/DSN formats into IDEA database.
We are explaining below step by step how to import a file into IDEA. If you have access to IDEA Server, you
can also import files to IDEA Server. For now, you will have to import a file to your Working Folder. A Working
Folder is simply a folder that contains the IDEA databases that you wish to analyze. It is recommended that all
the files related to each audit or investigation be stored in a separate folder or directory to simplify file
management and housekeeping.
Note: The sample files which are used for explaining how to perform various functionalities of idea are available
in the C:\Program Files\IDEA\UserFiles\Tutorial\ when IDEA is installed with default settings. You can perform
exercises using the relevant sample data files. Please check with your lab instructor about the location of these
files. We will be using tutorial/sample files for explaining different functionalities of IDEA in this booklet.
You can import files of different format into IDEA. However, for this exercise, we are giving below an example
for importing an Access file into IDEA.

Step by Step Procedure for Importing Data into IDEA

Location
x File>Import Assistant >Import to IDEA
x Alternatively, on the Operations toolbar, click the Import to IDEA button. Import Assistant dialog box
appears as shown in Fig 3.1.1.
Fig. 3.1.1 Import Assistant Location

Step 1: Select the Format
Fig. 3.1.2 Import Assistant Step 2

DATA ANALYSIS USING IDEA
(a) In the Import Assistant Dialog Box, select Microsoft Access from the list.
(b) Click the Browse button next to the File namebox to select the Microsoft Access database you want to
Import.
(c) Navigate to and select C:\Program Files\IDEA\UserFiles\Tutorial\Customer.MDB.
(d) Click Open.
(e) The Select File dialog box closes and the selected file name and path appear in the File namebox inthe
Import Assistant dialog box.
(f) Click Next.
The Microsoft Access dialog box appears.
Step 2: Select Tables as shown in Fig 3.1.3
Fig. 3.1.3 Import Assistant Step 3

(g) In the Select tables box, select Database1.
Note: If you import a Microsoft Access file that contains more than one table, you may simultaneously
import multiple tables by selecting the associated check boxes. However, any options you select will
apply to all imported tables.

(h) All Character fields will be imported with a length of 255 characters unless changed. This is not likely to
be the underlying Character field length. Therefore, leave the Scan records for field length check box
selected. Also, accept the default value in the Scan only box in order to scan 10,000 records to
determine the maximum field length.
(i) Accept the default output file name (Customer), and then click OK. When the file is imported, the
database name becomes filename-tablename. In this case, the file you imported becomes an IDEA
database called Customer-Database.
Step 3: Result - Customer-Database

On clicking Ok, the Customer Database is imported into IDEA. The imported database is opened in the
Database Window. In the File Explorer Window the imported database is highlighted as shown in Fig 3.1.4
Fig. 3.1.4. Customer Database is imported into IDEA

Exercises:
1. Please perform the following exercises in your lab.
2. Please import excel file following the above steps.
3. Please import text delimiter file and notice the different steps.
4. Please import excel file using ODBC option.

3.2 Importing Data

Click on field statistics after importing the files and understand the nature of data which is imported.
You can use the Export Database task to create an external file from an IDEA database so that you can use the
data in other applications, such as a spreadsheet package. IDEA exports data in a number of text, database,
spreadsheet, and mail merge formats.
You can use the Export Database task to create an external file from an IDEA database so that you can use the
data in other applications, such as a spreadsheet package. You can also use Copy and Paste to incorporate
portions of text or sections of database into other Windows applications. IDEA also supports drag and drop into
any other OLE2 container application, such as Microsoft Excel. IDEA exports data in a number of text,
database, spreadsheet, and mail merge formats.
Step by step process for exporting files from IDEA.

Location
x File>Export Database
Fig. 3.2.1 Export Database Location

Database Used
x Customer-Database1

Export Dialog Box
Fig. 3.2.2. Export Database

(a) In Records to Select, on selecting All will select the entire records. On selecting Range allows the user to
select the Starting and Ending record number.
(b) By default the path is set to C:\Users\Saranya\Documents\IDEA\Samples\Customer-Database1.
(c) In Export Type, user can select the format in which the current file has to be exported and also name the
resultant exported file.
(d) In Filename allows the user to select the path to which the file has to be exported.
(e) On clicking Fields, we can select or unselect the fields that have to be exported.
(f) During Exporting process, condition or criteria can be applied using the criteria button. On clicking this
button, Equation Editor Dialog box is opened which facilitates the user to write in query or condition.
(g) Clicking Ok, exports the active file into given desired format.
Exercise:
1. Export actual idea file to different formats such as: HTML, Excel, text delimited file and check the results.
3.3 Summarization
Learning Objectives:
To total the sales transaction by INVOICENO to produce a list of outstanding Sales as well as to identify the
number of INVOICENO and the Sales per INVOICENO.
Summarization accumulates the values of Numeric fields for each unique key. For example, summarizing an
Accounts Payable database by account number (the key) and totalling invoice amounts produces a database or

Results output of outstanding liabilities by supplier. The Summarization task provides:

x A list of unique items (keys) in the database
x The number of records for each key
x Totals of one or more numeric fields for each key
You may select up to eight fields to summarize by or if using one field you can use the Quick Summarization
option. If using multiple fields, the Summarization task works faster and is more efficient on a database that has
been sorted.
You may select any number of Numeric fields to total. The resultant database provides a list of unique key
items and the number of records (NO_OF_RECS) for each key from where you can drill down to display the
individual records for the key. You can select additional field data to be selected from fields from the first
occurrence or the last occurrence.
The summarization result grid is limited to 4,000 rows and does not display results beyond 4,000 rows. If you
expect your result will have more than 4,000 rows, you must choose to create a database.
Step by Step Procedure for summarization

Ensure that Sales Transactions is the active database and the Data property is selected in the Properties
window.
Location
x Analysis > Summarization
Fig. 3.3.1 Summarization Location

(a) In the Summarization Dialog Box, select the following:
x Fields to summarize: INVOICENO
x Numeric fields to total: SALES

(b) Click Fields. The Fields dialog box appears. Note that no fields are selected. This stops unnecessary
information from being included in the summarized database.
(c) Click OK to return to the Summarization dialog box.
Select the Use Quick Summarization check box. The Use Quick Summarization check box may be selected
as a faster means to summarize your database. However, Quick Summarization may only be used if the
database has no more than 4,000 unique keys. In addition, Quick Summarization allows you to select only one
field to summarize.
There are two types of output from the Summarization task:
x Summarization database
x Summarization result
Note that as with most tasks in IDEA, you may apply a criterion to the task, for example; only summarize
transactions for a specified period. As with all other tasks where you can apply a criterion, if you apply the
criterion to the database using the Criteria link in the Properties window, the criterion equation appears in the
Criteria text box on the task dialog box. However, you may enter a new criterion or modify an existing one
using the Equation Editor as shown in Fig 3.3.2.
Fig. 3.3.2 Summarization

(d) In the Statistics to include area, accept the default selections of Sum.
(e) Click OK.
View the resultant database and note the following fields:
x INVOICENO- List of unique INVOICENO
x NO_OF_RECS - Number of records for each INVOICENO
x Sales_SUM- Total Sales of the transactions for each INVOICENO
Also note the number of records (989) on the Status bar displayed in the below figure. Note that IDEA

automatically creates an Action Field link to the parent database (Sales Transactions). It allows you to display
the records from the Sales Transactions database by clicking on a value (in blue) in the NO_OF_RECS field
as shown in Fig 3.3.3.
Fig. 3.3.3 Summarization Result

Exercises:
1. Use the sample employees file in the sample database of idea and perform summarization on branch and
total on salary. Click on the hyperlink of the number of records and check the result.
2. Use the sample employees file in sample database of idea and perform summarization on country and
total on salary and check the result.
3.4 Statistics
Learning Objectives
x Understanding to view the field statistics for the Numeric fields in the active database.
x The statistics is used for reconciling totals, obtaining a general understanding of the ranges of values in
the database, and highlighting potential errors and the area of weakness to focus subsequent tasks.
The Field Statistics property provides statistical information about all Numeric, Date, and Time fields within the
active database. The field statistics are available and displayed for all records in the database, with any applied
criteria ignored.
By default, the Field Statistics window displays the statistics for Numeric fields. Ensure that Customer-
Database is the active database and the Data property is selected in the Properties window.

Step by Step Procedure for Statistics

Location
x In the Properties window, click Field Statistics.
Fig. 3.4.1 Statistics Location

(a) On clicking Field Statistics in property window, IDEA displays below message box.
(b) Click Yes to generate field statistics for all fields.
Fig. 3.4.2 Statistics

(c) By Default By default, the Field Statistics window displays the statistics for Numeric fields. In this case,
field statistics appear for all the available numeric fields. To view field statistics for the Date fields and
Time fields in a database, click Date and Time in the Field Type area of the Field Statistics window. In
the current database, there are no Date or Time fields.
(d) If the database contained more than one Date, Numeric, or Time field, multiple date, numeric, or
Time field statistics would appear together on the same screen for easy comparison of values.

Statistics for Numeric Fields
Fig. 3.4.3 Numeric Statistics

(a) As shown in the above image, active database contains six numeric fields and the statistics for all six
numeric fields are displayed in Field Statistics window which allows easy comparison between them.
(b) Study the field statistics for the all Numeric fields. Note in particular:
COUNTRYNO UNIT_PRICE QTY PROD_CODE AMOUNT PAYMENT_AMT
# of Records 1,000 1,000 1,000 1,000 1,000 1,000
# of Zero
Items 0 0 49 0 49 49
Average
Value 8.08 8.08 90.07 9627.42 710.36 710.36
Minimum
Value 3 3.84 0 9598 0.00 0.00
Maximum
Value 10 9.99 3496 9951 27793.20 27793.20
Below two Images displays statistics for Date and Time fields for current active database.
Statistics for Date Fields
Fig. 3.4.4 Date Statistics

Statistics for Time Fields
Fig. 3.4.5 Time Statistics

Exercise:
1. Click on field statistics for sample employees and understand profile of data.
2. Click on field statistics for sample-inventory and understand profile of data.
3.5 Sampling
Learning Objectives
x To draw a number of records with fixed interval for testing.
x To select a random sample of records for testing.
x To extracts a random sample with a specified number of records from each of a series of bands.
Sampling in IDEA is broadly statistical and probability-based.
The probability-based sampling techniques are: Systematic, Random and Stratified Random
The statistical sampling techniques are: Attribute, Classical Variable and Monetary Unit sampling
We will be covering examples of systematic and random sampling only in this training. Students may try other
forms of sampling in the lab exercise.

Systematic Record Sampling

Systematic Record Samplings a method to extract a number of records from a database at equal intervals to a
separate database. It is often referred to as interval sampling.
There are two methods of determining the sample:
x Entering the number of records, in which case IDEA computes the interval size.
x Entering the selection interval, in which case IDEA computes the number of records.
IDEA calculates the above parameters on the number of records in the database and defaults to the first to last
records. However, we can extract the sample from a range of records, if required.
Step by Step Procedure for performing Systematic Sampling

Ensure that Sales Transaction-Sales Trans is the active database and the Data property is selected in the
Properties window.
Location
x Sampling >Systematic.
x Alternatively, click the Random Record Sampling button on the Operations toolbar. The Random
Record Sampling dialog box appears as shown in Fig 3.5.1
Fig. 3.5.1 Systematic Sampling

Step 1: Number of Records
Fig. 3.5.2 Number of Records

(a) In the Number of records to select box, enter 100.
(b) Accept the random number seed provided by IDEA. IDEA uses the random number seed to start the
algorithm for calculating the random numbers. If a sample needs to be extended, then entering the same
seed but with a larger sample size produces the same original selection plus the required additional
records.
(c) Accept the defaults in the Starting record number to select and the Ending record number to
x Select boxes.
x IDEA sets the defaults as the first and last records; in this case 1 and 1000.
(d) In the File name box, enter Systematic Sales.
Step 2: Selection Interval
Figure 3.5.3 Selection Interval

(a) In Selection Interval tab page, enter 10 for selection interval. This means it picks every 10th records
from 1 to 1000 records. Total records picked are 100.
(b) Click Ok.
Step 3: Result of Systematic Sampling
Fig. 3.5.4 Systematic Result

(a) As displayed in the result, every 10th record is picked from the active database and total numbers of
records are 100.
Random Record Sampling

Random Record Sampling is a commonly used method of sampling. With it we enter the sample size as well as
the range of records from which the sample is to be extracted to a separate database. Then, using a random
number seed, IDEA generates a list of random numbers and selects the appropriate records associated with
these numbers.
Step by Step Procedure for performing Random Sampling
Ensure that Sales Transaction-Sales Trans is the active database and the Data property is selected in the
Properties window.

Location
x Sampling >Random.
x Alternatively, click the Random Record Sampling button on the Operations toolbar. The Random
Record Sampling dialog box appears as shown in Fig 3.5. 5
Fig. 3.5.5 Random Sampling Location
Fig.3.5.6 Random Sampling

(a) In the Number of records to select box, enter 10.
(b) Accept the random number seed provided by IDEA. IDEA uses the random number seed to start the
algorithm for calculating the random numbers. If a sample needs to be extended, then entering the same
seed but with a larger sample size produces the same original selection plus the required additional
records.
(c) Accept the defaults in the Starting record number to select and the Ending record number to Select
boxes.

IDEA sets the defaults as the first and last records; in this case 1 and 999.
(d) Leave the Allow duplicate records check box unselected.
(e) In the File name box, enter Random Sales.
(f) On clicking Ok total 10 records are extracted from active database.
Random Sampling Result
Fig. 3.5.7 Random Sampling Result

Exercises:
1. Perform sampling on different sample files available in sample database.
2. Perform stratified sampling using one of the tables in the sample database.
3.6 Stratification
Learning Objectives
x To stratifying the data from the file into bands and gaining the profile of the data. The data can be
stratified based using the numeric, date or character field to select a random sample of records for testing.
The process of stratification involves creating bands based on ranges of values (normally from the minimum to
the maximum values of one or more fields) and accumulating the records from the database into the
appropriate bands. By totaling the number of records and value of each band, you can gain a profile of the data
in the database. You can then investigate any deviations from expected trends. You may have up to 1,000
stratification bands. The stratification analysis is also useful for determining high and low cut-off values for
testing exceptional items.

A numeric stratification analysis can also be created for each unique value or key in a field by selecting that
field from the Group by drop down list. For example, you could produce a profile of sales for each salesperson.
This can potentially create an extremely large volume of output however the maximum number of groups that
will be displayed in the result is 80. If there are more than 80 groups, only the first 80 are displayed. Therefore,
there is an option to specify low and high cut-off values to restrict output. Only groups whose total value of
transactions is between the specified range are output.
To include all items in the stratification analysis, the bands should start less than the minimum value and the
upper band greater than the maximum value of all fields.
Date and Character stratification are different than Numeric Stratification in the sense that different fields are
totaled to the one used for banding.
Step by Step Procedure for performing Numeric Stratification
Ensure that Sales Transaction-Sales Trans is the active database.
Location
x Analysis >Stratification.
Fig. 3.6.1 Stratify Location

(a) In the Field to stratify box, select SALES.
(b) In the Fields to total on box, select SALES.
(c) Group By USERID.
(d) Specify the stratification bands:
x Change the increment to 10,000.
x Click in the < Upper Limit text box of the first row. Note the text box is filled with the value 10,500.
x Click the second row of the spreadsheet area. This automatically fills with 10,500to 20,500

x Highlight the next three rows of the spreadsheet area to take the range to 50,500.
Fig 3.6.2 Stratification

Ensure the Create result check box is selected. In the Result name box, enter Stratification Sales.
(e) Click OK.
(f) The Numeric Stratification result output for the Sales Transactions database becomes active and
appears as a link in the Results area of the Properties window. Note that there are 6 accounts in the
first band ( >= 500 and < 10,500).
Fig. 3.6.3 Stratification Result

Exercises:
1. Use sample-employees file and perform numeric stratification on salary with various bands.
2. Use sample-employees and perform character stratification based on name.
3.7 Sorting
Learning Objectives
x To create a new database in which its records are physically sorted in a specified order.
Location
x Data>Sort.
Fig. 3.7.1 Sorting Location
The fields you select to sort the records by are known as keys. A sort order may contain up to eight keys. When
creating a sort order, the most significant field is selected first (primary key), followed by the next most
significant field, and so on down to the least significant field (secondary keys).
With the Sort task, a new database is created with the records in the sequence of the key. This new database is
a child database and appears in the File Explorer below the main database. Once you have sorted a database,
IDEA displays the records in the database in the sort order and updates the list in the Indices area of the
Properties window.

Step by Step Procedure for performing Sorting

(a) Click on the Field list button (down arrow) on the Field column of the first row of the dialog grid to display
a list of all fields in the database. Select the required field.
(b) The Direction column displays Ascending order for each field selected. To change the order for a field,
click the Direction column to activate the Direction list button.
(c) To add further fields to the sort order, click the next available row in the Field column and select the field
and its direction as above. A maximum of eight fields may be entered. Note: If required, you can delete a
key from the sort order by selecting the required row and then clicking Delete Key.
(d) Here DATE field is selected in descending direction.
Fig. 3.7.2 Sort Database

(e) In File name box enter Sorted database.
(f) Click OK. Date field is sorted in descending direction as shown in the below figure.

Sorted-Database
Fig. 3.7.3 Sorted database

Exercises:
1. Use Sample-Employees and sort on city.
2. Use Sample-Employees and sort on First Name, City and Salary.
3. Duplicate Detection and Gap Detection
3.8 Duplicate Detection

Learning Objectives
x To test the validity of invoices.
x To test for duplicate invoice numbers.
IDEA includes two key functions to identify exceptions, irregularities, anomalies and errors.
These are: Duplicate Detection and Gap Detection
These functions assist the user to sift through large volumes of data and help pin-point specific duplicate
entries or specific missing entries. These also help the user obtain an assurance on all the data reviewed by it.

The duplicate or missing items identified can be taken up for testing after running the respective duplicate and
gap tests within IDEA.
Duplicate Detection and Gap Detection tests are standard passing tests which are run on every database right
at the (inception prior to detailed excepting and analytical testing within IDEA. The tests do not require much
querying experience and resemble plug-n-play tests. Both tests run largely on formatted sequential data fields
like Invoice Number, Purchase Order Number, Cheque Number, etc.
Step by Step Procedure for Duplicate Detection
Location
x Analysis >Duplicate Key >Detection.
Fig. 3.8.1 Identify Duplicates Location

(a) The Duplicate Key Detection dialog box appears.
Fig. 3.8.2 Duplicate Key Detection

(b) Leave the Output Duplicate Records option selected.

(c) Click Fields and select INVOICENO, INVDATE and USERID.
Fig. 3.8.3 Fields

(d) Click Key. The Define Key dialog box appears
(e) .In the Field column, select INVOICENO and leave the direction as Ascending.
Fig. 3.8.4 Define Key

(f) Click OK to return to the Duplicate Key Detection dialog box.
(g) In the File name box, enter Duplicate.
(h) Click OK to run the task.
Duplicate Result
(a) In the resultant database of 8 transactions with DATE, INVOICENO and USERID duplicate values are
investigated.

(b) Duplicate file is opened as current active database.

(c) The given result is sorted based on INVOICENO field in ascending direction.
Fig. 3.8.5 Duplicate Result

Exercises:
1. Use Sample-Employees file and find out duplicates based on name.
2. Use Sample-Employees and identify duplicates based on fields: First Name and Name.
3. Use Sample-Employees file and identify duplicates based on Address.
3.9 Gap Detection

Learning Objectives
x To test for completeness.
x To test for gaps in the invoice number sequence.
Ensure that Sales Transaction is the active database.
Location
x Analysis >Gap Detection.

Figure 3.9.1 Gap Detection Location

Step by Step Procedure for Gap Detection
(a) In the Field to use list box, select INVOICENO.
(b) In the Output area, ensure the Create result check box is selected.
(c) In the Result name box, enter Gap Detection Sales.
(d) On clicking Ok, the result database contains the gaps occurring From: INVOICENO, To: INVOICE and
Number in the active database.
Fig. 3.9.2 Gap Detection

Fig. 3.9.3 Gap Detection Result

Exercise:
1. Use Sample-Bank Transactions file and identify gaps based on date.
3.10 Aging
Learning Objectives
x To age a selected database from a particular date for up to six specified intervals.These intervals can be
days, months, or years.
x To age the outstanding debts at the yearend in order to determine provisions required against bad debts.
Aging function presents aged summaries of data. This summary may be based on the current date or a
specified cutoff date. Use the Aging task to age a selected database from a particular date for up to six
specified intervals. These intervals can be days, months, or years. For example, you can age the outstanding
debts at the yearend in order to determine provisions required against bad debts.
The most common use of the Aging task is with Accounts Receivable or Debtor Ledgers. However, also
consider using Aging on inventory databases (date of last movement) or on short-term loan databases.
The Aging task optionally produces:
x A detailed aging database
x A key summary database
x A Results output

Location
x Analysis >Aging.
Fig. 3.10.1 Aging Location
Step by Step Procedure for performing Aging:

(a) Enter the Aging date to 2012/06/27 i.e yyyy/mm/dd format.
(b) Set the Aging field to use to DATE.
(c) Set the Amount field to total to SALES.
(d) Aging interval in Days. The other options are Months and year.
(e) The Aging task optionally produces:
x A detailed aging database.
x A key summary database.
x A result output.
(f) Select only Create result option.
(g) In the Name box enter Aging Sales.
(h) On clicking Ok, the below output is displayed.

Fig. 3.10.2 Aging Location

Aging Result
Fig. 3.10.3 Aging Result

Exercise:
1. Use Sample Bank Transactions file and perform aging by entering the aging date as: 2003/11/06.

3.11 Data Extraction

Learning Objectives
x To perform an extraction to identify accounts where the new credit limit has been exceeded.
Function description
Extract selected data from a file for further investigation for creating a new file of logically selected records. For
example: you can use Direct Extraction to perform a single extraction on a database, or up to 50 separate
extractions with a single pass through the database.
Step by Step Procedure for Data Extraction
Location
x Data >Extractions >Direct Extraction.
Fig. 3.11.1 Direct Extraction Location
Fig. 3.11.2 Direct Extraction

(a) In the File Name column, replace the default file name with Sales Greater than 20,000.
(b) Click the Equation Editor Button, and then enter the equation SALES >= 20000.
(c) Click the Validate and Exit button to return to the Extract to File(s) dialog box.
(d) On clicking Ok creates a new child database with name Sales Greater than 20,000which contain records
where Sales is greater than 20,000.
Record Extraction Result
Fig. 3.11.3 Direct Extraction Result

Exercises:
1. Use Sample-Suppliers file and extract supplier details where supplier no. is from 30000 to 90000.
2. Use Sample-Suppliers file and extract supplier details where country is “Chile”.
3.12 Benford’s Law

Learning Objectives
x To compare the data with the data pattern predicted by Benford's Law analysis.
Benford's Law states that digits and digit sequences in a data set follow a predictable pattern. TheBenford's
Law task generates a database, and optionally a Results output, that you can analyze to identify possible

errors, potential fraud, or other irregularities. If artificial values are present in the selected database, the
distribution of the digits may have a different shape, when viewed graphically, than the shape predicted by
Benford's Law.
A Benford's Law analysis is most effective on data:
x Comprised of similar sized values for similar phenomena.
x Without built-in minimum and maximum values.
x Without assigned numbers, such as bank accounts numbers and zip codes.
x With four or more digits.
Step by Step Procedure for using Benford’s Law function
Location
x Analysis >Benford's Law.
Fig. 3.12.1 Benford’s Law Location

The analysis counts digit sequences of values in the database and compares the totals to the predicted result
according to Benford's Law. Non-zero digits are counted from left to right and values below 10 are ignored.

Fig. 3.12.2 Benford’s Law
Steps for Benfords Law

(a) Select the field to analyze. In the Field to analyze drop-down list, select the Numeric field for which you
want to analyze with Benford's Law.
(b) Select the number type. In the Include Values area, select the check box for the required number type
(Positive or Negative).
(c) Optionally, specify the upper and lower boundaries. The upper and lower boundaries define the
acceptable range of values where the actual result can appear. Select the Show boundaries check box
to include the boundaries in the Results output and resultant database.
(d) Select the required analysis types. In the Analysis Type area, select the required analysis types, and
then accept or change the associated database file names.
(e) Optionally, create a Results output.
(f) 0n Clicking Ok, we get results for Benford’s First Digit, Second Digit, First Three Digit and First Two Digit.
(g) In the below image, Benford First Digit result is displayed. To view Second, Third and Fourth Digit result,
click on the IDEA files explorer.

Fig. 3.12.3 Benford’s LawFirst Digit Result

Exercise: Use Sample-Bank Transactions file and perform Benford’s Law function on amount.
3.13 Consolidation of Data

Learning Objectives
x To summarize data and create a report based on many calculations.
x To define how your data is displayed and organized.
Consolidation is the process of combining values from several ranges of data. Data can be consolidated by
Pivot Table.
Step by Step Procedure for reporting
Location
x Analysis>Pivot Table.

Fig. 3.13.1 Pivot Table Location

In the Result name box, enter a name for the Pivot Table Results output.
Fig. 3.13.2 Pivot Table

Click OK. The Pivot Table Field List dialog box appears. It contains the list of available fields in the database,
with their field types in adjacent brackets.

Fig. 3.13.3 Pivot Table Field List

(a) Create the table by dragging fields to summarize from the Pivot Table Field List dialog box to the
following areas: Drop Column Fields Here, Drop Row Fields Here, Drop Data Items Here and Drop
Page Fields Here:
(b) You can drag the same field more than once into the data area creating a new statistic each time - sum,
amount, and so on.
(c) You can add multiple fields to the Column and/or Row area. When more than one field is added to a
column or row area the data in the rightmost header column or lowest header row is grouped by data in
the preceding row or column.
(d) You can also select a field from the Pivot Table Field List dialog box, select the area of the pivot table
to which you want to add the selected field from the drop-down list, and then click Add To. Once a field
has been added to the table, it is highlighted in the Pivot Table Field List dialog box.
(e) For every field added to the pivot table, its sort order is added to the Indices area of the Properties
window. You may delete these indices from the Indices area without affecting the pivot table.
(f) From the Pivot Table Field List dialog box, click Close.

Pivot Table Result
Fig. 3.13.4 Pivot Table Result

Exercises:
1. Use Sample-Employees file and perform pivot table function with branch as row and salary as column
name.
2. Use Pivot table to find out salary as per country/branch and total of salary.
3.14 Equation Editor

Learning Objectives
x To create formulae and equations in IDEA.
Functions
Use functions to perform more complex calculations and exception testing. You can use them for date
arithmetic, text searches, and some statistical operations. They are very similar in style and operation to
functions found in other software packages such as Microsoft Excel, Lotus 1-2-3, and dBASE. Each function
calculates a result based upon the parameters passed to the function. Parameters are passed in parentheses.

Fig 3.14.1 Equation Editor

Select the type of function you require from the following category list to view the details for the associated
functions:
x All - Complete list of all functions.
x Character - Text manipulation or conversion Numeric - Calculations and statistics
x Date and Time - Date and time calculations and conversions
x Matching - Matching of multiple and similar items
x Conditional - IF statements to select different items
x Financial - Financial calculations
x Custom - User-defined functions
Entering Functions in Equation Editor

Entering a function involves entering the function name along with any necessary parameters. Functions are
entered in the Equation area of the Equation Editor.
Entering the Function Name
To enter the function name in the Equation area, expand the appropriate function category and then double-
click the required function name. Alternatively, if you know the name of the function, you can type it directly into
the Equation area. As you type the function name, the Equation Editor provides a list of possible function
names.

Entering the Parameters

Parameters may be complete equations with references to other functions, such as nested functions, or simple
constants. Parameters are separated by a list separator. The list separator is defined in your Windows Regional
Settings and is usually a comma or a semi-colon. Most functions require a specific number of parameters. A
syntax error occurs if you provide the wrong type of parameter to a function.
TYPE EXPLANATIONS EXAMPLES

String Represents text or a character expression. A character expression can contain "Smith"
characters or a Character data field. "123456"
"Joe" +
"Bloggs"
Number 123.45
Represents a numeric expression. A numeric expression can contain numeric
ACCNT BAL
constants or Numeric data fields.
QTY*COST
Time Represents a time expression. It is displayed in the grid as HH:MM:SS. A time
expression can contain a time constant expressed as a string, a numeric constant, "23:59:59"
a Time field or a Numeric field. Numeric values are interpreted as the number of TRANS_TIME
seconds.
Date Represents a date expression. A date expression is a character string that is eight "19960131"
characters long and contains a valid date in YYYYMMDD format. TRANS_DATE
3.15 Reporting
Learning Objectives
x To generate a report for the current active database.
You can use the reporting feature to generate various types of reports from idea.
Step by Step Procedure for reporting

Create a report using the view settings by selecting File >Print >Create Report. Alternatively, click the Create
Report button on the Operations toolbar. The Report Assistant dialog box appears.
Report Assistant
Accept all defaults and select the Allow headings to span multiple lines check box. Click Next.

Fig. 3.15.1 Report Assistant

Step 1: Heading Step
Modify the report headings as follows, and then click Next:
x Date – Invoice Date
x INVOICENO – Invoice Number
x NAME – User Name
x SALES – Sales
x USERID – User Id

Fig. 3.15.2 Report Assistant- Heading

Step 2: Define Breaks Step
(a) During this step, define if and where control breaks (required for totals in reports) are required.
(b) Sequence the database records in the following order:
x INVOICENO : Ascending
Fig. 3.15.3 Report Assistant - Define Breaks

(c) Click Next.
Note: IDEA displays the records in the report in the order of the index. IDEA displays the index description in
the Indices area of the Properties window once you have completed the report.

Step 3: Report Breaks Step

Create a break and total the Sales field for each INVOICENO. Select the options as in the image below, and
then click Next.
Fig. 3.15.4 Report Assistant - Report Breaks

Step 4: Grand Totals Step
Create grand totals for the Sales field only, set the font style to bold, and then click Next.
Fig. 3.15.5 Report Assistant -Grand Totals

Step 5: Header/Footer Step

Enter/select the following information, and then click Finish.
x Print cover page: Select this check box.
x Title: Sales Transactions.
x Comments: Ordered by User Id and date.
x Prepared by: Enter your name or initials.
x Header: Enter the name of your organization.
x Date/Time: Accept the defaults unless you have particular preferences.
Note: The options you have selected effect how the report is printed. The name entered into the Prepared by
field appears on reports accessed via the Print Preview of a Results output.
Fig. 3.15.6 Report Assistant – Header/Footer

On clicking finish, you can preview the report generated.

3.16 Field Manipulation

Learning Objectives
x To view field definitions, add or delete fields, change field properties such as field name and type.
You can use this to modify the fields as required. Please note that making changes to a field through Field
Manipulation may cause any output based on that field (results, drill-downs, indices, views, etc) to appear
incorrect or become invalid. Results may be made valid again by returning the settings to what they were when
the result was created. To avoid this, instead of changing a field definition, append a new field to the database
with the required definition. For example, instead of changing the type of a field from Character to Numeric,
create a new Virtual Numeric field using @Val.
Select Data>Field Manipulation. Field Manipulation Dialog Box is opened.
Fig. 3.16.1 Field Manipulation
Add a field
x Click Append.
x Enter the field definition:
x Field Name: A unique field name up to 40 characters in length that does not contain spaces or special
characters.
x Type: Click the Type text box to display the type options, and then select the required type.
x Length: The total length of the field in characters. IDEA automatically determines the length for Editable
Numeric fields.
x Decimal: If applicable, enter the number of decimal places. If the decimal is implied, enter 0. The
maximum number of decimals places allowed is six.
x Parameter: Click the Parameter field to invoke the Equation Editor.
x Tag Name: If you have Smart Analyzer installed, click the <No tag> link to add a tag.

x Description (optional): A brief description of the field. The maximum length of the description is 256
characters.
x Click Ok
Delete a field
Click in the row corresponding to the field to be deleted.
Click Delete.
Click Yes to confirm the deletion.
Note: As a security feature, by default, native fields cannot be deleted
Change a field type
Click the Type text box to display the type options, and then select the required type.
Notes:
• Virtual field types can only be changed to other Virtual field types. For example, a Virtual Character field
could be changed to a Virtual Date field.
• Field types cannot be changed for Editable, Boolean or Multistate fields; however the data within this
field in the database can be changed.
Change a field name
Click in the Field Name cell of the field name to be changed and enter the new name.
Exercise:
Use Sample-employees file and modify different field and understand the impact.

Annexure - Using Audit software: Some Practical Examples

These are samples of analysis which can be performed using audit software for various types of audits/reviews.
Category Type of Analysis CAAT Function

Creditors x Payment terms x Extraction, Date difference
x Credit Control Policy x Extraction, Date difference,
x Aging of creditors x Aging, date difference
x Discount policy x Stratification, Summarization,
x Authorised suppliers x Join, Relation, Sort,
x Authorization x Filter, Extract, Summarization
x Accounting x Sort, Total, Count, Summarization
x Supplier classification on x Sort, Relation, Join, Summarization, Sort
purchases x Aging, MIS, date difference
x Analysis of purchases by period
Tax Audit x Identify cash loan\deposits>20000 x Sort, Filter, Extract, Export, Index, analytical
x Identify cash payment > 10000 tool
x Review of TDS compliance Sort, Filter, Extract, Export, analytical tool
x Analysis of Inventory x Join, Relation, Sort, analytical tool
x Aging, MIS, Summarization, Count, Total
Financial x Review of Authorization x Filter, Extract, Summarization
audit x Review of discount policy x Stratification, Summarization,
x Compliance with tax rates – sales x Join, relation, filter, extract, sort, count, Total,
tax, excise duty, etc Compare files
x Verification of financial accuracy x Summarization, Sort, Statistics, Total,
x Aging of debtors Summarization
x Aging, MIS, Periodicity check
Internal Audit x Overall statistical analysis x Statistics, Benford’s Law, Summarization
x Identification of exception items x Benford’s Law, Filter, Gap detection
x Duplicate payment for invoices x Identify duplicates, Sequence,
x Debtors outstanding > credit period x Join, Relation, Aging, Summarization
x Age-wise analysis of debtors x Aging, MIS, Summarization, Statistics
x Age-wise analysis of inventory x Aging, MIS, date difference. total, count
Purchases x Duplicate payments x Duplicates, Sequence, Relation
x Invalid vendors x Join, Relation, Sort, Summarization, Filter
x Duplicate invoices x Duplicates, Sequence, Relation
x Invalid purchases x Join, Relation, Sort, Summarization, Filter
x Payments without receipt of goods x Join, Relation, Compare files, Filter,

x Inflated prices Exceptions

x Excess quantities purchased x Filter, Sort, Stratify, Join, Relation
x Filter, Sort, Stratify, Join, Relation
Payroll x Ghost employees x Join, Relation, Summarization, Sort, Statistics
x TDS x Re-computation using analytical tool
x Duplicate direct credits x Identify duplicates, Sequence, Relation
x Duplicate home addresses x Identify duplicates, Sequence, Relation
x PO Box addresses x Identify duplicates, Sequence, Relation
x Work Phone Nos. x Identify duplicates, Sequence, Relation
x Work Location x Identify duplicates, Sequence, Relation
x Deductions x Re-computation using analytical tool
x Vacation and sick leave x Re-computation using analytical tool
x Wage level x Join, Relation, Summarization, Statistics
x Terminated employees x Join, Relation, Filter, Statistics
x Overpayment, overtime x Summarization, Statistics, MIS, Join, Relation
Aging x Overdue A.R. and A.P. x Aging, MIS, date difference
x Favorable credit terms x Aging, MIS, date difference,
x Inventory turnover rates x Stratify, Filter, Summarization,
x Dormant accounts x Identify Gaps, date difference
x Records with future, blank or x Sort, Filter, Sequence, Identify Gaps, Date
otherwise invalid dates difference, Statistics, Count
x Items past a cutoff date x Date difference, Aging, Filter,
x Contracts awarded before contract x Date difference, Aging, Filter, Summarization,
date Statistics
x Transactions outside of billing x Aging, Filter, Summarization, Statistics
period x Date difference, Aging, Filter,
x Length in days of various activities Summarization,….
Questions
1. Computer Assisted Audit Techniques (CAATs) refers to using _________for increasing the effectiveness
and efficiency of auditing.
A. Technology
B. Standards
C. Documentation
D. Systematic Process

2. Which of the following statements pertaining to CAAT is true?

A. CAATs are specialist tools designed for use by specialist IT auditors
B. CAATs refer to common techniques which can be easily mastered to audit in a computerized
environment.
C. CAATs cannot be used for compliance audit.
D. CAATs can be used for Information systems audit only.
3. Which of the following statements pertaining to CAAT is incorrect?
A. CAATs are tools for drawing inferences and gathering relevant and reliable evidence.
B. CAATs provide direct access to electronic information
C. CAATs provide a mechanism to gain access and to analyze data
D. CAATs techniques are available in general audit software only.
4. Which of the following is a key reason for using CAATs?
A. Availability of input documents
B. Availability of visible paper trail.
C. Need to access information from systems having different IT environments.
D. Need to perform audit in lesser time.
5. Which of the following is a not a benefit of using CAATs?
A. Increased audit quality and comply with auditing standards.
B. Identify materiality, risk and significance in an IT environment.
C. Identifying fraud in audit area.
D. Ensuring better audit planning and management of audit resources.
6. For effective use of CAATs it is necessary to:
A. Understand programming language of the software being audited.
B. Obtain source code of the software being audited.
C. Obtain copy of data in their original format for independent analysis.
D. Audit data is retained in the original database format.
7. Which of the following step is important for validating the correctness of data obtained for audit?
A. Issue a letter for getting the requested data in specified form as per the audit objectives.
B. Obtain copies of record layout and definitions of all fields.
C. Ensure that auditor has an overall understanding of the data.
D. Compare the imported in audit software with control total of key data.

8. File access in CAATs refers to the capability of::

A. Reading of different record formats and file structures.
B. Conversion of data to common formats of data
C. Using the import/ODBC function.
D. Reviewing access controls of application software.
9. File reorganization feature of CAATs refers to:
A. Functions provide auditor with an instant view of the data from different perspectives.
B. Indexing, sorting, merging, linking with other identified files.
C. Using of global filter conditions to select required data based on specified criteria.
D. Useof sampling, stratification and frequency analysis.
10. Which of the following statement pertaining precautions in using CAATs is incorrect?
A. Collect the relevant and correct data files.
B. Identify all the important fields that need to be accessed.
C. Ensure the data represents audit universe correctly and completely.
D. Information provided by CAATs is clear indicator of problems and no further testing is required.
11. Which of the following is the first step in using CAATs?
A. Identify the sources of data from the enterprise information system/application software.
B. Based on scope and objectives of audit, decide about the need and extent to which CAAT could be
used.
C. Identify the critical data which is being audited as per audit scope and objectives.
D. Identify the relevant personnel responsible for the data and information system.
12. Which of the following is the final step in using CAATs?
A. Obtain and review documents relating to data/information systems.
B. Decide what techniques of CAATs could be used as relevant to the environment
C. Prepare a detailed plan for analyzing the data.
D. Perform relevant tests on audit data as required and prepare audit findings and include in audit
report/opinion.
Answers
1. A 2. B 3. D 4. C
5. C 6. C 7. D 8. A
9. B 10. D 11. B 12. D

References
Below are sample list of references:
www.icai.org
www.isaca.org
www.auditnet.org
www.caseware-idea.org
www.acl.com
www.theiia.org

Advanced Information Technology Training

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Advanced Information Technology Training

Diunggah oleh

Hak Cipta:

Format Tersedia

ADVANCED INFORMATION

©The Institute of Chartered Accountants of India

Edition : September, 2014

Sale Price : 4  )RU0RGXOH, ,,

Published by : The Publication Department on behalf of The Institute of

Printed by : Repro India Ltd., Mahape, Navi Mumbai

CHAPTER 1. INTRODUCTION TO CAAT .............................................................................................. 3

UNIT-4 : CORE BANKING SOLUTION ........................................................................................... 65

CHAPTER 1. CBS BASICS AND ITS WORKING METHODOLOGY ........................................................ 67

UNIT-5 : ENTERPRISE RESOURCE PLANNING .......................................................................... 129

CHAPTER 1. ERP OVERVIEW ............................................................................................................ 131

CHAPTER 1. IT APPLICATION IN CA’S OFFICE .................................................................................. 221

1.2 The all-encompassing Electronic data

ADVANCED INFORMATION TECHNOLOGY TRAINING 3

1.3 Auditors and CAATs

1.4 Auditors and CAATs

1.5 Need for CAATs

4 ADVANCED INFORMATION TECHNOLOGY TRAINING

1.6 Obtaining audit data

1.7 Key steps for obtaining data

ADVANCED INFORMATION TECHNOLOGY TRAINING 5

1.8 Key capabilities of CAATs

Precautions in using CAATs

6 ADVANCED INFORMATION TECHNOLOGY TRAINING

1.9 Step by step methodology for using CAATs

1.10 Examples of Tests performed using CAATs

ADVANCED INFORMATION TECHNOLOGY TRAINING 7

1.11 Analytical Review Procedures

8 ADVANCED INFORMATION TECHNOLOGY TRAINING

ADVANCED INFORMATION TECHNOLOGY TRAINING 9

2 DATA ANALYSIS AND AUDIT

2.1 Need for using CAATs

2.2 Key Factors to be considered in Using CAATs

10 ADVANCED INFORMATION TECHNOLOGY TRAINING

x Integrity of the information system and IT environment

2.3 CAATs Planning Steps

2.4 Audit evidence and CAATs

2.5 CAATs Documentation

ADVANCED INFORMATION TECHNOLOGY TRAINING 11

2.6 Audit Test using CAATs

12 ADVANCED INFORMATION TECHNOLOGY TRAINING

2.7 Audit Sampling

Design of the Sample

Selection of the Sample

ADVANCED INFORMATION TECHNOLOGY TRAINING 13

14 ADVANCED INFORMATION TECHNOLOGY TRAINING

3 DATA ANALYSIS USING IDEA

3.1 Importing Data

ADVANCED INFORMATION TECHNOLOGY TRAINING 15

Step by Step Procedure for Importing Data into IDEA

Fig. 3.1.1 Import Assistant Location

Fig. 3.1.2 Import Assistant Step 2

16 ADVANCED INFORMATION TECHNOLOGY TRAINING

Step 2: Select Tables as shown in Fig 3.1.3

Fig. 3.1.3 Import Assistant Step 3

ADVANCED INFORMATION TECHNOLOGY TRAINING 17

Step 3: Result - Customer-Database

Fig. 3.1.4. Customer Database is imported into IDEA

18 ADVANCED INFORMATION TECHNOLOGY TRAINING

3.2 Importing Data

Step by step process for exporting files from IDEA.

Fig. 3.2.1 Export Database Location

ADVANCED INFORMATION TECHNOLOGY TRAINING 19

Sale Price : 4 )RU0RGXOH, ,,